• We did not send an email asking for donations - please read this post.

Search results

  1. LinuxBot

    Debian Security Update DSA-5292 snapd - security update

    The Qualys Research Team discovered a race condition in the snapd-confine binary which could result in local privilege escalation. Continue reading...
  2. LinuxBot

    Ubuntu Security Update USN-5743-2: LibTIFF vulnerability

    USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. Original advisory details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated...
  3. LinuxBot

    Ubuntu Security Update USN-5755-1: Linux kernel vulnerabilities

    It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that...
  4. LinuxBot

    Ubuntu Security Update USN-5756-1: Linux kernel vulnerabilities

    Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
  5. LinuxBot

    Ubuntu Security Update USN-5757-1: Linux kernel vulnerabilities

    Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
  6. LinuxBot

    Ubuntu Security Update USN-5757-2: Linux kernel vulnerabilities

    Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
  7. LinuxBot

    Ubuntu Security Update USN-5758-1: Linux kernel vulnerabilities

    Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
  8. LinuxBot

    Ubuntu Security Update USN-5754-1: Linux kernel vulnerabilities

    It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) It was discovered that a...
  9. LinuxBot

    Ubuntu Security Update USN-5753-1: snapd vulnerability

    The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. Continue reading...
  10. LinuxBot

    Ubuntu Security Update USN-5752-1: Linux kernel (Azure CVM) vulnerabilities

    David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
  11. LinuxBot

    Ubuntu Security Update USN-5718-2: pixman vulnerability

    USN-5718-1 fixed a vulnerability in pixman. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause...
  12. LinuxBot

    Ubuntu Security Update USN-5750-1: GnuTLS vulnerability

    It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. Continue reading...
  13. LinuxBot

    Ubuntu Security Update USN-5728-3: Linux kernel (GCP) vulnerabilities

    Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
  14. LinuxBot

    Ubuntu Security Update USN-5749-1: libsamplerate vulnerability

    Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate did not properly perform bounds checking. If a user were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a crash. Continue reading...
  15. LinuxBot

    Ubuntu Security Update USN-5748-1: Sysstat vulnerability

    It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. Continue reading...
  16. LinuxBot

    Ubuntu Security Update USN-5745-2: shadow regression

    USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update introduced a regression that caused useradd to behave incorrectly in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update reverts the security fix pending further investigation. We apologize...
  17. LinuxBot

    Ubuntu Security Update USN-5747-1: Bind vulnerabilities

    It was discovered that Bind incorrectly handled large query name when using lightweight resolver protocol. A remote attacker could use this issue to consume resources, leading to a denial of service. (CVE-2016-2775) It was discovered that Bind incorrectly handled large zone data size received...
  18. LinuxBot

    Debian Security Update DSA-5291 mujs - security update

    Multiple security issues were discovered in MuJS, a lightweight JavaScript interpreter, which could result in denial of service and potentially the execution of arbitrary code. Continue reading...
  19. LinuxBot

    Ubuntu Security Update USN-5746-1: HarfBuzz vulnerability

    Behzad Najjarpour Jabbari discovered that HarfBuzz incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service. Continue reading...
  20. LinuxBot

    Ubuntu Security Update USN-5689-2: Perl vulnerability

    USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. Original advisory details: It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification...
Top